Why We Need Your Data And How We Keep It Secure

When you onboard with Nest Payroll, we need some sensitive data from you.

Your data enables us to:

  1. Obtain your household Employer Identification Number (EIN) from the IRS.

  2. Obtain your state employer tax account number.

  3. File and facilitate payment of your payroll taxes with the IRS, the Social Security Administration and your state employer tax authority.

  4. Produce your Schedule H for your federal return.

  5. Produce a legal paystub for your employees.

  6. Produce completed employee W2s.

  7. Submit your employer W3 to the Social Security Administration.

We take security very seriously and follow industry best practices. We also ask for the minimum amount of information that enables us to process your household payroll. Our architecture has been built from the ground up with your data security in mind:

  • We recommend you use Apple’s Password AutoFill feature at account creation. With a simple tap, you can create and save new passwords. Passwords generated by iOS, by default, are twenty characters long. They contain one digit, one uppercase character, two hyphens, and sixteen lowercase characters. These generated passwords are strong, containing seventy-one bits of entropy.

  • Access to your data is protected with your account credentials. Please ensure you’re using a safe and unique password to protect your data.

  • All credentials and passwords are stored on your iOS device’s Keychain. 

  • Server-side data at rest encryption: All data stored on our servers is thoroughly encrypted with asymmetric encryption and backed by an industry-standard Key Management System that ensures encryption keys are rotated and minimizes vectors of attack.

  • Client-side data at rest encryption: To keep the app responsive and easy to use, we sometimes need to download some of your personal information from our secure servers. We ensure that any local copy of that information is encrypted in transit as well as locally with server-grade encryption.

  • Data in transit encryption: All communication with our servers uses industry-standard HTTPS TLS 2.0 to ensure data in transit is always secure.